Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

policy fuzzer: ignore known panics #3993

Merged
merged 1 commit into from
Jan 4, 2025
Merged

policy fuzzer: ignore known panics #3993

merged 1 commit into from
Jan 4, 2025

Conversation

AdamKorcz
Copy link
Contributor

@codecov Codecov
Copy link

codecov bot commented Dec 26, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 36.48%. Comparing base (2ef6022) to head (f296a19).
Report is 268 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3993      +/-   ##
==========================================
- Coverage   40.10%   36.48%   -3.63%     
==========================================
  Files         155      209      +54     
  Lines       10044    13316    +3272     
==========================================
+ Hits         4028     4858     +830     
- Misses       5530     7839    +2309     
- Partials      486      619     +133

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@AdamKorcz AdamKorcz force-pushed the false-fuzz-positives branch 3 times, most recently from adc9dc7 to 5dd078a Compare December 26, 2024 19:05
@AdamKorcz
policy fuzzer: ignore known panics
f296a19 
Signed-off-by: Adam Korczynski <[email protected]>
@AdamKorcz AdamKorcz force-pushed the false-fuzz-positives branch from 5dd078a to f296a19 Compare December 26, 2024 20:01
@haydentherapper haydentherapper merged commit 782e038 into sigstore:main Jan 4, 2025
23 checks passed
tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request Feb 6, 2025
@tmeijn
build(deps): update cosign to v2.4.2
618e169 
This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [cosign](https://github.com/sigstore/cosign) | patch | `2.4.1` -> `2.4.2` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>sigstore/cosign (cosign)</summary>

### [`v2.4.2`](https://github.com/sigstore/cosign/blob/HEAD/CHANGELOG.md#v242)

[Compare Source](sigstore/cosign@v2.4.1...v2.4.2)

#### Features

-   Updated open-policy-agent to 1.1.0 library ([#&#8203;4036](sigstore/cosign#4036))
    -   Note that only Rego v0 policies are supported at this time
-   Add UseSignedTimestamps to CheckOpts, refactor TSA options ([#&#8203;4006](sigstore/cosign#4006))
-   Add support for verifying root checksum in cosign initialize ([#&#8203;3953](sigstore/cosign#3953))
-   Detect if user supplied a valid protobuf bundle ([#&#8203;3931](sigstore/cosign#3931))
-   Add a log message if user doesn't provide `--trusted-root` ([#&#8203;3933](sigstore/cosign#3933))
-   Support mTLS towards container registry ([#&#8203;3922](sigstore/cosign#3922))
-   Add bundle create helper command ([#&#8203;3901](sigstore/cosign#3901))
-   Add trusted-root create helper command ([#&#8203;3876](sigstore/cosign#3876))

#### Bug Fixes

-   fix: set tls config while retaining other fields from default http transport ([#&#8203;4007](sigstore/cosign#4007))
-   policy fuzzer: ignore known panics ([#&#8203;3993](sigstore/cosign#3993))
-   Fix for multiple WithRemote options ([#&#8203;3982](sigstore/cosign#3982))
-   Add nightly conformance test workflow ([#&#8203;3979](sigstore/cosign#3979))
-   Fix copy --only for signatures + update/align docs ([#&#8203;3904](sigstore/cosign#3904))

#### Documentation

-   Remove usage.md from spec, point to client spec ([#&#8203;3918](sigstore/cosign#3918))
-   move reference from gcr to ghcr ([#&#8203;3897](sigstore/cosign#3897))

#### Contributors

-   AdamKorcz
-   Aditya Sirish
-   Bob Callaway
-   Carlos Tadeu Panato Junior
-   Cody Soyland
-   Colleen Murphy
-   Hayden B
-   Jussi Kukkonen
-   Marco Franssen
-   Nianyu Shen
-   Slavek Kabrda
-   Søren Juul
-   Warren Hodgkinson
-   Zach Steindler

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNTguMSIsInVwZGF0ZWRJblZlciI6IjM5LjE1OC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haydentherapper haydentherapper haydentherapper approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AdamKorcz @haydentherapper